Sign In
Request for warranty repair

In case of a problem we’ll provide diagnostics and repairs at the server installation site. For free.

Language

AMD SEV and Intel TDX: who needs it

AMD SEV and Intel TDX

Conventional virtualization has long been the baseline way to isolate workloads, but it has a fundamental limitation: the guest still largely depends on trust in the host, the hypervisor, and the platform’s administrative control plane. In a private cluster, that is often acceptable. In a public cloud, hosted private cloud, and multi-tenant infrastructure, not always. This is exactly the backdrop against which interest in confidential computing grew: a model where data must be protected not only at rest and in transit, but also in use, meaning while it is being processed inside a virtual machine. Microsoft explicitly describes a confidential VM as a hardware-protected boundary between the application and the virtualization layer, and in the IaaS model it treats AMD SEV-SNP and Intel TDX as VM isolation mechanisms for such scenarios.

It is important to define the boundaries right away. AMD SEV-SNP and Intel TDX do not make a system ā€œinvulnerable,ā€ do not replace guest OS hardening, and do not eliminate the need for access control, segmentation, secret management, and auditing. Their purpose is more practical: to reduce trust in the platform as part of the trusted computing base and to make access to guest memory and state from the host or hypervisor much harder. This is especially valuable where the infrastructure does not belong to you, where the data is sensitive, and where the threat model includes privileged administrators, the cloud operator, or the compromise of part of the platform stack.

Why conventional virtualization is no longer always enough

Classic VM isolation works well as long as the customer is willing to trust the provider, the hypervisor, and the host management tools. But in modern cloud models, that trust is increasingly becoming a non-obvious assumption. A SaaS provider may store customers’ personal data in a public cloud, a contractor may run someone else’s code in its infrastructure, and an enterprise customer may require that even the platform operator not have full access to the data while it is being processed. In that framing, the question is no longer limited to disk encryption and TLS between services.

That is the logic behind confidential VMs. If encryption at rest protects data on storage and encryption in transit protects data during transmission, then confidential computing aims to protect it in RAM and during execution. This does not remove the need to distrust the platform as a whole, but it significantly narrows the trusted computing base and raises the difficulty of attacks from components that were previously seen as almost all-powerful.

That is why demand for such technologies did not emerge in abstract cryptography, but in very practical areas: public cloud for regulated workloads, multi-tenant SaaS, cross-organizational analytics, ML/AI inference on sensitive data, sovereign cloud, and managed platforms where the client needs not just to ā€œmove into the cloud,ā€ but to get a clear model for protecting data from the cloud itself.

Most popular refurbished servers

DATABASE SERVER
Refurbished
In stock
HPE ProLiant DL380 Gen10 8SFF
Server HPE DL380 Gen10 8SFF
2xIntel Xeon Gold 6126 (12C 19.25M Cache 2.60 GHz) / 6x16GB DDR4 RDIMM 2933MHz / RAID HPE P408i-a (2GB+FBWC) / noHDD (up to Array HDD 2.5'' SFF) / Power supply HP 500w
Base price
280 €
231 €
+ 49 € VAT
Incl shipping across EU
ConfigureĀ server
Refurbished
In stock
HPE ML350 Gen10 8SFF
Server HPE ML350 Gen10 8SFF
2xIntel Xeon Gold 5120 (14C 19.25M Cache 2.20 GHz) / 2x16GB DDR4 RDIMM 3200MHz / RAID HPE P408i-a (2GB+FBWC) / noHDD (up to Array HDD 2.5'' SFF) / 2 Ɨ Power supply HP 800w
Base price
1 533 €
1 267 €
+ 266 € VAT
Incl shipping across EU
ConfigureĀ server
Refurbished
In stock
DELL PowerEdge R640 10SFF
Server Dell R640 10SFF
2xIntel Xeon Bronze 3104 (6Š” 8.25M Cache 1.70 GHz) / 2x16GB DDR4 RDIMM 2133MHz / RAID Dell PERC H330 Mini Mono (ZM) / noHDD (up to Array HDD 2.5'' SFF) / 2 Ɨ Power supply Dell 750w
Base price
364 €
301 €
+ 63 € VAT
Incl shipping across EU
ConfigureĀ server
Refurbished
In stock
DELL PowerEdge R740 16SFF
Server Dell R740 16SFF
2xIntel Xeon Bronze 3204 (6Š” 8.25M Cache 1.90 GHz) / 2x16GB DDR4 RDIMM 2133MHz / RAID Dell PERC H330 Mini Mono (ZM) / noHDD (up to Array HDD 2.5'' SFF) / 2 Ɨ Power supply Dell 750w
Base price
364 €
301 €
+ 63 € VAT
Incl shipping across EU
ConfigureĀ server

What AMD SEV, SEV-ES, and SEV-SNP are

It is not entirely correct to talk about ā€œAMD SEVā€ as a single feature. It is a family of technologies that evolved in stages.

The original SEV introduced encryption for virtual machine memory. That was already a serious step forward compared to conventional virtualization, because guest memory stopped being simply an open resource to the host. Then SEV-ES appeared, extending protection to the guest execution state, including CPU registers and part of the guest context. But the truly important milestone for today’s confidential VM landscape was SEV-SNP. AMD specifically emphasizes that SNP adds strong memory integrity protection and mechanisms against malicious hypervisor attacks, including replay and memory remapping. That is why, in practical discussions today, it usually makes more sense to compare SEV-SNP with TDX rather than ā€œSEV in general.ā€

This distinction is fundamental. Memory confidentiality alone is not enough if an attacker can silently substitute pages, replay older states, or manipulate memory mappings. That is why the conversation around confidential computing almost always comes down not only to confidentiality, but also to integrity. SEV-SNP matters precisely because it makes VM isolation substantially more complete in a model where the host may be untrusted or partially compromised.

That is also why the market focus has shifted toward SNP. In cloud and hosted infrastructure, the value comes not simply from the fact that memory is encrypted, but from the ability to build a stronger guarantee: the guest VM is protected not only from passive reading, but is also better able to resist certain active manipulations from the platform side. For the customer, this is no longer a decorative security feature, but an argument for a specific class of workload placement.

What Intel TDX is

Intel TDX trust domain

Intel Trust Domain Extensions addresses the same business problem — reducing trust in the host and hypervisor when running VMs — but does so through its own architectural model. Intel describes TDX as a mechanism that provides confidentiality, integrity, and authenticity for data inside a trust domain, using hardware isolation, memory encryption, and remote attestation. Put simply, TDX creates a stricter hardware-supported boundary for the virtual machine inside which the workload runs.

In meaning, TDX is close to what SEV-SNP does: both technologies are intended for confidential VMs, both reduce the role of the hypervisor as a fully trusted element, and both matter where cryptographically strengthened guest isolation is required. But this is not ā€œthe same SEV, just from Intel.ā€ Intel has a different architectural path, its own ecosystem, its own limitations, its own attestation process, and its own set of operational nuances.

That is why the debate over ā€œwhich is better — AMD or Intelā€ is almost always incorrect when detached from the platform context. For an engineer, other things matter much more: how mature the implementation is at the required provider, which guest OSes are supported, how attestation and lifecycle operations work, and whether there are restrictions on snapshots, migration, debugging, security agents, and observability.

What confidential VMs actually protect — and what they do not

The most common mistake is to assign far too broad a meaning to confidential VMs. SEV-SNP and TDX do in fact protect a virtual machine’s memory from being read by the host, help isolate the workload in an environment where the hypervisor is not considered fully trusted, and provide the basis for verifying trusted state through attestation. Depending on the technology and configuration, they also affect the protection of part of the execution state and integrity. That makes them especially useful for tenant isolation in the cloud and for sensitive VMs that cannot simply be left to the discretion of the platform administrator.

But protection does not end there — and magic does not begin. If the application inside the guest is vulnerable, a confidential VM will not save it. If an attacker gets root access inside the VM itself, the TEE does not turn the compromised system back into a trusted one. If you have a weak IAM model, poor secret management, gaps in CI/CD, unverified images, insecure monitoring agents, or chaos in network segmentation, SEV-SNP and TDX will not solve those problems.

Side-channel risks also deserve separate mention. Neither AMD nor Intel positions these technologies as a universal solution for all side channels. What is being offered is a reduction of the trusted base and hardware isolation against a certain class of attacks, not a complete closure of the entire attack surface. That is why confidential VMs should be seen as one layer in an overall architecture, not as a replacement for basic security hygiene.

This is exactly where the line runs between a ā€œuseful technologyā€ and a ā€œsecurity checkbox.ā€ If an organization cannot maintain images, patch the OS, manage keys, logging, and access properly, confidential computing will not fix fundamental operational failures.

Who really needs AMD SEV and Intel TDX

Who really needs AMD SEV and Intel TDX

Public cloud and multi-tenant infrastructure

This is the most obvious and mature scenario. When a workload lives in the public cloud, you do not control the physical server, the firmware stack, the hypervisor, or the provider’s administrative plane. Even if you trust the provider in general, you may still need to reduce how much you trust it. This is exactly where confidential VMs deliver their clearest value.

First and foremost, this is relevant for processing PII, financial data, medical information, customer data in multi-tenant SaaS, and B2B services where the customer asks not only about disk encryption, but also about protection during execution. In such discussions, SEV-SNP or TDX is not a universal answer, but it is already a concrete argument for the security review, the compliance team, and enterprise procurement.

Hosted private cloud and service provider infrastructure

Managed hosting, MSPs, and sovereign cloud have a similar logic, only the level of control is usually higher and customer requirements are more varied. Here, a confidential VM can become an additional security tier: not just ā€œwe isolate projects with hypervisor mechanisms,ā€ but ā€œwe reduce trust in the platform at the hardware level.ā€

But real value appears only when the provider can explain the operational model. Is attestation available? How is image support handled? What about observability? What limitations exist for live migration, snapshots, and debugging? Until there are answers to these questions, a confidential VM remains a nice feature in a presentation, not a mature service.

Regulated workloads and sensitive data

In highly regulated environments, confidential VMs matter not because they automatically ensure compliance, but because they strengthen the protection architecture. They help address part of the questions around data in use and provide a stronger isolation model than conventional virtualization.

This is especially visible in healthcare, fintech, government and near-government scenarios, as well as in international B2B models where one side wants to run code or store data in the other side’s infrastructure, but is not willing to trust the entire platform stack unconditionally.

Cross-organizational computing and confidential workloads

A separate class of use cases includes joint analytics across several organizations, confidential data sharing, clean rooms, inference on sensitive datasets, and running proprietary models outside a fully controlled perimeter.

Neither SEV-SNP nor TDX solves everything by itself, but both provide an important foundation. Especially if a workflow is built on top of them that includes attestation, a policy engine, and secret release only to a trusted workload instance.

Who most likely does not need these technologies

Not every VM needs confidential computing. If you run standard corporate systems without particularly sensitive data, dev/test environments, short-lived ephemeral workloads, or small business infrastructure without a distinct threat model involving the platform side, the benefit may be minimal.

The same is true for teams that do not have maturity in attestation, image trust, and configuration control. If an organization has not yet learned to keep the basics in order, confidential VMs often become not a security improvement, but an expensive complication.

How to tell whether you need them

The right question is not ā€œdoes our provider support confidential VMs,ā€ but ā€œdo we have a threat model that makes them justified.ā€ To answer that, it is worth going through a set of questions in sequence:

How much do you trust the cloud operator or hosting provider?

How significant is the risk of access by privileged platform administrators?

Do your customer, partner, or regulator require protection for data in the use state?

Do you need remote verification of the instance’s trusted state before issuing keys and secrets?

Do you store or process genuinely sensitive data?

Are you ready to accept restrictions in compatibility, migration, observability, and support?

Can you use attestation as part of a real workflow rather than as a formal checkbox?

Practical scenario guide

Scenario Benefit level Why What to check before adoption
Public cloud + PII High You need to reduce trust in the host operator Attestation support, guest OS support, lifecycle limitations
Multi-tenant SaaS High Protecting customer data and strengthening tenant isolation Compatibility with agents, logging, and secret flow
Internal ERP in a private cluster Medium The benefit depends on the internal threat model Whether there is a real risk from platform admins
Dev/test environment Low There is often no sensitive data and no reason to add complexity Cost, overhead, operational fit
ML inference with a proprietary model High Protecting the model and input data during execution matters Attestation, KMS integration, support for the required stack
Processing medical data High Stronger protection for data in use and an argument for compliance Platform limitations, regional availability
A contractor runs a client’s code High You need to minimize trust between the parties Verifiable launch, image, and secret release chain

If this analysis shows that your main risk is not an untrusted host at all, but weak IAM, messy secret handling, or lack of patch management, then you should not start with SEV-SNP or TDX.

AMD SEV-SNP vs Intel TDX: how to compare them without oversimplifying

AMD SEV-SNP vs Intel TDX

There is no point in comparing these technologies only through neat diagrams. For practical selection, very different things matter: where they are available, how mature they are at specific cloud providers, which configurations are supported, how convenient attestation is, what happens with live migration, snapshots, debugging, and observability, and how performance changes for a specific workload type.

As of today, AMD has historically been more visible in the confidential VM space as a more mature and longer-discussed option for cloud scenarios, especially in the context of SEV-SNP. Intel TDX is rapidly catching up and becoming increasingly attractive where an organization is already building around the Xeon ecosystem or choosing a cloud where TDX is offered as a fully supported option. Microsoft notes that Azure offers TEE-based options on both AMD and Intel, while Google Cloud describes Confidential VM support for both AMD SEV/SEV-SNP and Intel TDX.

This means something simple: for many teams, the choice is not between ā€œAMD philosophyā€ and ā€œIntel philosophy,ā€ but between specific VM types, regions, CPU platforms, and the provider’s support matrix. If the cloud you need has had SEV-SNP available for a long time, supports the required images, and fits well into your lifecycle, that is a strong argument. If, on the other hand, your stack is tightly linked to the Intel platform and TDX is implemented in a mature way by your chosen provider, the practical balance may shift in that direction.

Comparison by key criteria

Criterion AMD SEV-SNP Intel TDX What matters to clarify
Protection model Confidential VM with an emphasis on memory encryption and integrity protections Confidential VM through trust domains and hardware isolation Which exact configuration the provider offers
Cloud availability maturity Historically strong Growing quickly Whether the required regions and instance types exist
Attestation Available, but the platform implementation matters Available, and it is a critical part of the model How attestation is integrated into KMS/policy
Compatibility and tooling Depends on the guest OS and platform The same Kernel, image, and orchestration support
Operational constraints Lifecycle operation limitations are possible Lifecycle operation limitations are possible What happens with snapshots, migration, and debugging
Public cloud Highly relevant Increasingly relevant Availability of managed tooling and support
Private infrastructure Useful with a mature threat model Useful with a mature threat model Whether the team is ready to operate the TEE stack

Limitations and hidden trade-offs

The most underestimated part of the topic is operations. Confidential VMs are almost never introduced without side effects. Not all guest OSes and not all image types are supported equally well. Low-level debugging tools, introspection, and some security agents may work differently or require adaptation. Live migration, snapshots, device passthrough, and other familiar operations can sometimes be limited or behave differently than they do in ordinary VMs.

In addition, attestation by itself does very little if it is not embedded into the workload lifecycle. If secrets are still issued to an instance without verifying trust claims, much of the value is lost. If observability requires agents with deep access to the system, the confidential VM model may conflict with established monitoring practices. If the team cannot maintain firmware, microcode, the guest kernel, and security advisories, operational complexity quickly starts to outweigh architectural elegance. In Intel’s TDX documentation, both secure development and attestation, as well as enablement and operational guidance, are highlighted explicitly, which in itself shows something important: this is not a ā€œone-click option,ā€ but an additional layer of engineering discipline.

Another practical factor is performance. It may be close to a normal VM for some workloads, while for others it may change depending on the profile: CPU-heavy, memory-heavy, I/O-heavy, and workloads involving agents and observability stacks. That is why any promise that ā€œthe overhead is negligibleā€ needs to be validated on your actual workload, not on a marketing example.

Why attestation matters no less than isolation itself

Attestation for confidential VMs

Without attestation, a confidential VM remains an incomplete construct. Yes, the guest’s memory is better protected, and yes, the trusted base is reduced, but an external system still needs to understand that the workload really started in the expected and acceptable configuration.

That is the purpose of attestation: to obtain confirmation that the instance is running inside the required trusted environment, with the expected configuration, on an acceptable platform, and without deviations critical to your access policy. On Google Cloud, attestation is explicitly described as a way to increase confidence that a Confidential VM is legitimate and running in the expected state.

In practice, it looks like this. The workload starts, obtains attestation evidence, passes it to an external verifier or KMS, and that system then decides whether to release a key, token, access to data, or access to a confidential model. It is exactly the combination of TEE + attestation + policy that turns a platform feature into a working security pattern. Without it, a confidential VM too often remains simply a better-protected VM that is still weakly integrated into the trust workflow.

That is why mature implementations begin not with the question ā€œdo we have SNP or TDX,ā€ but with the question ā€œwhat exactly are we going to do with attestation, and how does it influence secret release and trust in the workload.ā€

Where this is already being used in practice

The topic has long moved beyond laboratory concepts. Azure directly offers confidential VMs as an IaaS model for scenarios with heightened confidentiality requirements and supports TEE options on both AMD and Intel. Google Cloud also supports Confidential VM based on AMD SEV, SEV-SNP, and Intel TDX. At the same time, both platforms emphasize an important market advantage: in some cases, a workload can be moved to a confidential VM without deep application redesign, that is, in a mode close to lift-and-shift.

This is an important distinction from enclave models, where extracting real value often requires more substantial application adaptation. Confidential VMs are valuable precisely because they provide hardware-strengthened isolation at the virtual machine level rather than requiring the entire architecture to be rebuilt around enclave APIs from the outset.

Storage systems

Refurbished
In stock
Seagate Exos X 2U12 12LFF
Storage Seagate Exos X 2U12
12х HDD 20TB 7K SAS, Dual Controller, Base-T 10Gb,2x580W, Bezel.
Price
27 557 €
22 774 €
+ 4 783 € VAT
Incl shipping across EU
Add to cart
Refurbished
HPE 3PAR StoreServ 8440 Storage
Storage HPE 3PAR StoreServ 8400 Storage (48SFF)
2 or 4 nodes with 2 FC 16Gb / s slots / noHDD (up to 48 HDD 2.5) / 2xPS 764w
Price
6 889 €
5 693 €
+ 1 196 € VAT
Incl shipping across EU
Add to cart
Refurbished
Dell PowerVault ME4012 SAS
Storage Dell PowerVault ME4012 HD SAS
2x Controller 8GB Cache (4x HD SAS 12Gb/s per controller) / noHDD (up to 12 hdd 3.5") / 1xPS 580w
Price
7 978 €
6 593 €
+ 1 385 € VAT
Incl shipping across EU
Add to cart
Refurbished
Dell PowerVault MD3600i
Storage Dell PowerVault MD3600i
2x Storage Controller / noHDD (up to 12 HDD 3.5") / 2xPS 600w
Price
2 049 €
1 693 €
+ 356 € VAT
Incl shipping across EU
Add to cart

Practical conclusion: adopt, test, or leave it alone

If reduced to the essence, AMD SEV-SNP and Intel TDX are needed by those who work with sensitive data in a virtualized environment and do not want to fully trust the host, the hypervisor, or the platform operator. First and foremost, that includes public cloud, hosted multi-tenant environments, regulated workloads, cross-organizational computing, and scenarios where secrets and access to data are released only after the workload’s trusted state has been verified.

If, however, your main problems lie in IAM, backups, patch management, image control, and basic operational discipline, confidential VMs will not be the best first investment. They do not replace security hygiene and do not compensate for weak operations.

When does it make more sense to look toward AMD SEV-SNP?

When you need a more mature practical story for confidential VMs, when current cloud availability matters, and when you are oriented toward the EPYC platform or AMD-based cloud offerings.

When does it make sense to consider Intel TDX?

When your infrastructure strategy is tied to the Xeon ecosystem, your chosen provider already delivers mature TDX support, and you are evaluating not an abstract feature but a concrete platform implementation.

In many cases, the right answer will be somewhere in between: not ā€œdeploy immediately everywhere,ā€ but test selectively. For one workload class — for example PII in a public cloud, inference on a proprietary model, or managed hosting for an enterprise customer — it may be truly justified. For the rest of the VMs, it may remain unnecessary complexity.

That is why the main selection criterion is not the CPU brand and not the trendiness of confidential computing. You should choose based on the threat model, the maturity of attestation processes, platform compatibility, and whether the technology provides a real operational fit for your specific infrastructure.

Comments
(0)
No comments
Write the comment
I agree to process my personal data

Content:

New
In stock
HPE ProLiant DL380 Gen11 8SFF
Server HPE DL380 Gen11 8SFF
1xIntel Xeon Bronze 3408U (8C 22.5M Cache 1.80 GHz) / 16GB DDR5 RDIMM 4800MHz / RAID HPE MR216i-o / noHDD (up to Array HDD 2.5'' SFF) / 1 Ɨ HP 800W
Base price
4 096 €
3 385 €
+ 711 € VAT
Incl shipping across EU
ConfigureĀ server
New
In stock
HPE ProLiant DL320 Gen11 8SFF
Server HPE DL320 Gen11 8SFF
1xIntel Xeon Bronze 3408U (8C 22.5M Cache 1.80 GHz) / 16GB DDR5 RDIMM 4800MHz / RAID HPE MR416i-o / noHDD (up to Array HDD 2.5'' SFF) / 1 Ɨ HP 500W
Base price
3 660 €
3 025 €
+ 635 € VAT
Incl shipping across EU
ConfigureĀ server
New
Lenovo ST550 16SFF
Server Lenovo ST550 16SFF
1xIntel Xeon Bronze 3204 (6Š” 8.25M Cache 1.90 GHz) / 8GB DDR4 RDIMM 2666MHz / RAID Lenovo 530-8i / noHDD (up to Array HDD 2.5'' SFF) / Power supply Lenovo 750w
Base price
865 €
715 €
+ 150 € VAT
Incl shipping across EU
ConfigureĀ server
Refurbished
In stock
DELL PowerEdge R350 8SFF
Server Dell R350 8SFF
1xIntel Xeon E-2314 (4C 8M Cache 2.80 GHz) / 16GB DDR4 UDIMM 2666MHz / RAID Dell S150 / noHDD (up to Array HDD 2.5'' SFF) / Power supply Dell 600w
Base price
1 242 €
1 026 €
+ 216 € VAT
Incl shipping across EU
ConfigureĀ server
Refurbished
In stock
DELL PowerEdge R340 8SFF
Server Dell R340 8SFF
1xIntel Xeon E-2234 (4C 8M Cache 3.60 GHz) / 2x16GB DDR4 UDIMM 2666MHz / RAID Dell PERC H330 Mini Mono (ZM) / noHDD (up to Array HDD 2.5'' SFF) / 2 Ɨ Power supply Dell 350w
Base price
464 €
383 €
+ 81 € VAT
Incl shipping across EU
ConfigureĀ server
Refurbished
Lenovo SR630 8SFF
Server Lenovo SR630 8SFF
1xIntel Xeon Bronze 3106 (8Š” 11M Cache 1.70 GHz) / 8GB DDR4 RDIMM 2666MHz / RAID Lenovo 530-8i / noHDD (up to Array HDD 2.5'' SFF) / Power supply Lenovo 750w
Base price
1 282 €
1 060 €
+ 222 € VAT
Incl shipping across EU
ConfigureĀ server

Next news

Be the first to know about new posts and earn 50 €